{% set ldap_domain = 'dc={},dc={}'.format(openldap_server_domain_name.split('.')[0],openldap_server_domain_name.split('.')[1]) %}
{% if openldap_server_users %}
{%- for group, users in openldap_server_users.items() -%}
{% set guid_loop = loop %}
dn: cn={{ group }},ou=Group,{{ ldap_domain }}
objectClass: posixGroup
cn: {{ group }}
gidNumber: {{ 10000 + guid_loop.index }}
{% for user in users.keys() %}
memberUid: {{ user }}
{% endfor %}

{% for user, config in users.items() %}
dn: uid={{ user }},ou=Users,{{ ldap_domain }}
{% if 'fullname' in config %}
cn: {{ config['fullname'] }}
{% endif %}
{% if 'givenname' in config %}
givenName: {{ config['givenname'] }}
{% endif %}
{% if 'surname' in config %}
sn: {{ config['surname'] }}
{% endif %}
userPassword: {{ config['password'] }}
mail: {{ config['email'] }}
loginShell: {{ config.get('shell', '/bin/bash') }}
homeDirectory: {{ config.get('home', '/home/{}'.format(user)) }}
{% if 'phone' in config %}
telephoneNumber: {{ config['phone'] }}
{% endif %}
uidNumber: {{ 10000 + loop.index + guid_loop.index * 100 }}
gidNumber: {{ 10000 + guid_loop.index }}
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount

{% endfor %}

{% endfor %}
{% endif %}
